{"id":13504294,"url":"https://github.com/apache/mina-sshd","last_synced_at":"2026-04-06T21:00:54.558Z","repository":{"id":923079,"uuid":"688360","full_name":"apache/mina-sshd","owner":"apache","description":"Apache MINA sshd is a comprehensive Java library for client- and server-side SSH.","archived":false,"fork":false,"pushed_at":"2026-03-26T23:01:32.000Z","size":23194,"stargazers_count":1064,"open_issues_count":66,"forks_count":394,"subscribers_count":43,"default_branch":"master","last_synced_at":"2026-04-03T03:39:43.600Z","etag":null,"topics":["apache","java","library","ssh"],"latest_commit_sha":null,"homepage":"https://mina.apache.org/sshd-project/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/apache.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGES.md","contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE.txt","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2010-05-26T23:38:08.000Z","updated_at":"2026-04-02T21:29:20.000Z","dependencies_parsed_at":"2026-03-10T11:01:47.307Z","dependency_job_id":null,"html_url":"https://github.com/apache/mina-sshd","commit_stats":{"total_commits":2890,"total_committers":97,"mean_commits":29.79381443298969,"dds":0.7110726643598616,"last_synced_commit":"90872df67562818d0a23be61b3ec82f67cbc62b6"},"previous_names":[],"tags_count":52,"template":false,"template_full_name":null,"purl":"pkg:github/apache/mina-sshd","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fmina-sshd","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fmina-sshd/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fmina-sshd/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fmina-sshd/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/apache","download_url":"https://codeload.github.com/apache/mina-sshd/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fmina-sshd/sbom","scorecard":{"id":201592,"data":{"date":"2025-08-11","repo":{"name":"github.com/apache/mina-sshd","commit":"92eb158391a0c80e37e09283b0f198e1ab1de09f"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.6,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":3,"reason":"Found 4/13 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/build.yml:1","Warn: no topLevel permission defined: .github/workflows/master-build.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/master-build.yml:29"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/mina-sshd/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/mina-sshd/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/mina-sshd/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/mina-sshd/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/mina-sshd/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/mina-sshd/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/mina-sshd/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/mina-sshd/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/mina-sshd/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/master-build.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/mina-sshd/master-build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/master-build.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/mina-sshd/master-build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/master-build.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/mina-sshd/master-build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/master-build.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/mina-sshd/master-build.yml/master?enable=pin","Info:   0 out of  10 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   3 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 23 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-16T22:55:45.662Z","repository_id":923079,"created_at":"2025-08-16T22:55:45.662Z","updated_at":"2025-08-16T22:55:45.662Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31381009,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-03T21:40:47.592Z","status":"ssl_error","status_checked_at":"2026-04-03T21:40:05.436Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apache","java","library","ssh"],"created_at":"2024-08-01T00:00:28.294Z","updated_at":"2026-04-06T21:00:54.504Z","avatar_url":"https://github.com/apache.png","language":"Java","readme":"![Apache MINA SSHD](https://mina.apache.org/assets/img/header-sshd.png \"Apache MINA SSHD\")\n# Apache MINA SSHD\n\nApache MINA SSHD is a 100% pure java library to support the SSH protocols on both the client and server side. It does not\naim at being a replacement for the SSH client or SSH server from Unix operating systems, but rather provides support for Java\nbased applications requiring SSH support.\n\nThe library can leverage several I/O back-ends:\n\n* The default transport is built-in and uses Java's `AsynchronousSocketChannel`s.\n* [Apache MINA](https://mina.apache.org), a scalable and high performance asynchronous I/O library, can be used instead, or\n* the [Netty](https://netty.io) asynchronous event-driven network framework is also supported.\n\n# Releases\n\nReleases of Apache MINA sshd are available at [Maven Central](https://mvnrepository.com/artifact/org.apache.sshd). `tar.gz` and\nZIP source and binary distributions are available at the [Apache MINA sshd](https://mina.apache.org/sshd-project/downloads.html)\nweb site.\n\n*Snapshot* releases from the main branch are published on each push or merge on the main branch, if the tests pass successfully.\nThese snapshot releases are available at the [Apache Snapshot](https://repository.apache.org/content/repositories/snapshots)\nmaven repository.\n\n## [Release notes](./CHANGES.md)\n\n# Issue reporting\n\nBug reports and improvement or feature requests can be filed at the [GitHub issue tracker](https://github.com/apache/mina-sshd/issues)\nor at the [Apache issue tracker](https://issues.apache.org/jira/projects/SSHD).\n\nSensitive issues such as security vulnerabilities must be reported through [private channels](./SECURITY.md), not via either issue tracker.\n\n# [Supported standards](./docs/standards.md)\n\n# Core requirements\n\n* Java 8+ at runtime (as of version 2.3)\n* Java 17+ at build time (as of version 2.14)\n\n* [Slf4j](https://www.slf4j.org/)\n\nThe code only requires the core abstract [slf4j-api](https://mvnrepository.com/artifact/org.slf4j/slf4j-api) module. The actual\nimplementation of the logging API can be selected from the many existing adaptors.\n\n# Basic artifacts structure\n\n* *sshd-common* - contains basic classes used throughout the project as well as code that does not require client or server network support.\n\n* *sshd-core* - contains the basic SSH client/server code implementing the connection, transport, channels, forwarding, etc..\n    * *sshd-mina*, *sshd-netty* - replacements for the default NIO2 connector used to establish and manage network connections using\n[MINA](https://mina.apache.org/mina-project/index.html) and/or [Netty](https://netty.io/) libraries respectively.\n\n* *sshd-sftp* - contains the server side SFTP subsystem and the SFTP client code.\n    * *sshd-spring-sftp* - contains a [Spring Integration](https://spring.io/projects/spring-integration) compatible SFTP adapter\n\n* *sshd-scp* - contains the server side SCP command handler and the SCP client code.\n\n* *sshd-ldap* - contains server-side password and public key authenticators that use an LDAP server.\n\n* *sshd-git* - contains replacements for [JGit](https://www.eclipse.org/jgit/) SSH session factory.\n\n* *sshd-osgi* - contains an artifact that combines *sshd-common* and *sshd-core* so it can be deployed in OSGi environments.\n\n* *sshd-putty* - contains code that can parse [PUTTY](https://www.putty.org/) key files.\n\n* *sshd-openpgp* - contains code that can parse [OpenPGP](https://www.openpgp.org/) key files (with some limitations - see relevant section)\n\n* *sshd-cli* - contains simple templates for command-line client/server - used to provide look-and-feel similar to the Linux *ssh/sshd* commands.\n\n* *sshd-contrib* - **experimental** code that is currently under review and may find its way into one of the other artifacts\n(or become an entirely new artifact - e.g., *sshd-putty* evolved this way).\n\n* *sshd-benchmarks* - contains some JMH benchmarks for SSH operations. The benchmarks are intended to be run by developers locally;\nthe artifact is not part of the binary distribution, and is not deployed to any maven repository.\n\n# [Optional dependencies](./docs/dependencies.md)\n\n# Quick reference\n\n## Building the code\n\nIncluding tests\n\n```\nmvn clean install\n```\n\nWithout tests\n\n```\nmvn -Pquick clean install\n```\n\n## [Set up an SSH client in 5 minutes](./docs/client-setup.md)\n\n## [Embedding an SSHD server instance in 5 minutes](./docs/server-setup.md)\n\n# SSH functionality breakdown\n\n## [Security providers setup](./docs/security-providers.md)\n\n## [Commands infrastructure](./docs/commands.md)\n\n## [SCP](./docs/scp.md)\n\n## [SFTP](./docs/sftp.md)\n\n## [Port forwarding](./docs/port-forwarding.md)\n\n## [Internal support classes](./docs/internals.md)\n\n## [Event listeners and handlers](./docs/event-listeners.md)\n\n## [Command line clients](./docs/cli.md)\n\n## [GIT support](./docs/git.md)\n\n## [Configuration/data files parsing support](./docs/files-parsing.md)\n\n## [Extension modules](./docs/extensions.md)\n\n# [HOWTO(s)](./docs/howto.md)\n\n# Technical Documentation\n\n## [SSH Key Exchange](./docs/technical/kex.md)\n\n## [TCP/IP Port Forwarding](./docs/technical/tcpip-forwarding.md)\n\n## [Global Requests](./docs/technical/global_requests.md)\n\n## [Android support](./docs/android.md)\n","funding_links":[],"categories":["Apache","Java","网络编程"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapache%2Fmina-sshd","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fapache%2Fmina-sshd","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapache%2Fmina-sshd/lists"}